From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Wed, 20 Apr 2005 13:45:39 +0400 From: Anton Gorlov X-Mailer: The Bat! (v3.0.1.33) Professional X-Priority: 3 (Normal) Message-ID: <1278330642.20050420134539@mail.ru> To: community@altlinux.ru Subject: Re[2]: [Comm] TLS SSL In-Reply-To: <42661D7B.20906@inbox.ru> References: <42661D7B.20906@inbox.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=Windows-1251 Content-Transfer-Encoding: quoted-printable X-BeenThere: community@altlinux.ru X-Mailman-Version: 2.1.5 Precedence: list Reply-To: community@altlinux.ru List-Id: Mailing list for ALT Linux users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Apr 2005 09:47:21 -0000 Archived-At: List-Archive: List-Post: =C7=E4=F0=E0=E2=F1=F2=E2=F3=E9=F2=E5, Boldin. =C2=FB =EF=E8=F1=E0=EB=E8 20 =E0=EF=F0=E5=EB=FF 2005 =E3., 13:14:35: > =D3=F0=E0! =C7=E0=F0=E0=E1=EE=F2=E0=EB=EE! =D5=EC... > =C7=ED=E0=F7=E8=F2 =E4=E5=EB=E0=E5=EC =F2=E0=EA: > # squid_ldap_auth -b "dc=3Dnirvana,dc=3Dhome" -H 'ldap://nirvana.home/' -f > "uid=3D%s" -v 3 -Z > =E3=E4=E5 -v 3 - =E2=E5=F0=F1=E8=FF =EF=F0=EE=F2=EE=EA=EE=EB=E0 =E4=EB=FF= bind, -Z - =F3=EA=E0=E7=E0=ED=E8=E5 =ED=E0 =E8=F1=EF=EE=EB=FC=E7=EE=E2=E0= =ED=E8=E5 TLS. > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D stdin > vasya file > OK > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > =E2 squid.conf =EF=EE=EA=E0 =EC=EE=E6=ED=EE =E7=E0=EF=E8=F1=E0=F2=FC /usr= /bin/strace -o /tmp/strace.log > /usr/lib/squid/squid_ldap_auth ..... > (=E8 =EE=F2=F1=FB=EB=E0=F2=FC/=F1=EC=EE=F2=F0=E5=F2=FC =F1=E0=EC=EE=F3 /t= mp/strace.log) =D9=E0 =EF=EE=F1=EC=EE=F2=F0=E8=EC.. > 1. =E7=E0=EC=E5=F7=E0=ED=E8=E5 squid_ldap_auth =E7=E0=EF=F3=F1=EA=E0=E5= =F2=F1=FF =CD=C5 =CF=CE=C4 root, =E7=ED=E0=F7=E8=F2, =E5=F1=EB=E8 =ED=E5=F2 > =EF=F0=E0=E2 =ED=E0 =F7=F2=E5=ED=E8=E5 CAcert (=EA=F1=F2=E0=F2=E8, squid_= ldap_auth =F7=E8=F2=E0=E5=F2 > /etc/openldap/ldap.conf, =E2 =EA=EE=F2=EE=F0=EE=EC =E5=F1=F2=FC =EE=EF=F6= =E8=FF TLS_CACERT) > =F2=EE =E2=F1=E5 =EE=E1=EB=E0=EC=FB=E2=E0=E5=F2=F1=FF (=F7=F2=EE =F1=EA= =EE=F0=E5=E5 =E2=F1=E5=E3=EE =E8 =F1=EB=F3=F7=E8=EB=EE=F1=FC :) =CD=EE =F3 =EC=E5=ED=FF =F2=E0 =E2 =FD=F2=EE=EC =F4=E0=E9=EB=E5 =E2=F1=B8 = =E7=E0=EA=EE=EC=E5=ED=F2=E8=F0=EE=E2=E0=ED=EE (=E8=E7 =EA=EE=F0=EE=E1=EA=E8= ).. =D2=E0=EA =F7=F2=EE =ED=E5 =EF=EE=F5=EE=E6=E5 =F7=F2=EE =F3 =EC=E5=ED=FF = =EF=F0=EE=E1=EB=E5=EC=E0 =E2 =FD=F2=EE=EC. > =EB=E5=F7=E8=F2=F1=FF =EB=E8=E1=EE =F2=E0=EA: > # cp /etc/openldap/ldap.conf /var/spool/squid/ldaprc > # cp /etc/openldap/ssl/cacert.pem /var/spool/squid/cacert.pem > # echo "TLS_CACERT /var/spool/squid/cacert.pem" > /var/spool/squid/ldaprc > =E8=EB=E8 =EF=F0=EE=F1=F2=EE =E4=EE=E1=E0=E2=EB=E5=ED=E8=E5=EC squid =E2 = =E3=F0=F3=EF=EF=F3 ldap =E8 =F2=EE=E3=E4=E0 > # chown ldap.ldap -R /etc/openldap > =EF=F0=E8=EB=E0=E3=E0=FE=F2=F1=FF =F4=E0=E9=EB=FB: ldap.conf, squid.conf.= bz2 (=F1=EC=EE=F2=F0=E8=F2=E5 =F1=E5=EA=F6=E8=E8 =F1 > auth_param), slapd.conf =E2=E0=EC =ED=E5 =ED=F3=E6=E5=ED. > =E5=F1=EB=E8 =F1=F0=E0=E7=F3 =E7=E0=F0=E0=E1=EE=F2=E0=E5=F2 - =F1 =C2=E0= =F1 =E1=F3=F2=FB=EB=EA=E0 =EF=E8=E2=E0 :), =E1=F3=E4=E5=F2=E5 =E2 =D1=E0=EC= =E0=F0=E5 - =E7=E0=E2=E5=E7=E5=F2=E5 ;) =DF =EF=EE =EF=EE=F7=F2=E5 =EE=F2=EF=F0=E0=E2=EB=FE, =F2=EE=EB=FC=EA=EE =F2= =E0=EA=EE=E5 =EE=F9=F3=F9=E5=ED=E8=E5 =F7=F2=EE =E8 =F1=E5=E9=F7=E0=F1 =ED= =E5 =E2=E7=EB=E5=F2=E8=F2.. =E8 =ED=E5 =EF=EE=ED=FF=F2=ED=EE -=EF=EE=F7=E5=EC=F3 =E6=E5 ldapsearch, =E7= =E0=EF=F3=F9=E5=ED=ED=FB=E9 =EE=F2 =F0=F3=F2=E0 =EE=E1=EB=E0=EC=FB=E2=E0=E5= =F2=F1=FF =F1 =EF=EE=F5=EE=E6=E8=EC=E8 =F1=E8=EC=EF=F2=EE=EC=E0=EC=E8? --=20 =D1 =F3=E2=E0=E6=E5=ED=E8=E5=EC, Anton mailto:Pnz.Stalker@mail.ru